Alerts This Week
Warning Icon 1 659
Alerts This Week
Warning Icon 1 659

SUSE Manager Server: 2014:1342-1 Important: XSS Fix for Spacewalk-Java

suse
Calendar Grey October 31, 2014
Dist Suse Esm H88
Critical patch release for spacewalk-java addresses XSS vulnerabilities in SUSE Manager. Key updates now accessible.
An update that fixes one vulnerability is now available

Summary

This update fixes various cross-site scripting (XSS) issues in spacewalk-java. CVE-2014-3654 has been assigned to this issue. Security Issues: * CVE-2014-3654 Indications: Everybody should update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager Server: zypper in -t patch sleman21-spacewalk-java-9910 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager Server (noarch): spacewalk-java-2.1.165.6-0.13.1 spacewalk-java-config-2.1.165.6-0.13.1 spacewalk-java-lib-2.1.165.6-0.13.1 spacewalk-java-oracle-2.1.165.6-0.13.1 spacewalk-java-postgresql-2.1.165.6-0.13.1

Topics%20covered

Topics Covered

security advisory software update cross-site scripting important java issues suse manager

References

#902182

Cross- CVE-2014-3654

Affected Products:

SUSE Manager Server

https://www.suse.com/security/cve/CVE-2014-3654.html

https://bugzilla.suse.com/show_bug.cgi?id=902182

https://scc.suse.com:443/patches/

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2014:1342-1
Rating: important

Topics%20covered

Topics Covered

security advisory software update cross-site scripting important java issues suse manager

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here